如何在 Azure DevOps 发布管道中连接 azaccount [英] How to connect-azaccount in Azure DevOps release pipeline
问题描述
在发布管道中,我尝试使用 Connect-Azaccount 连接到 Azure AD,以便我可以运行 Get-AzADgroup 来检索一些 Az AD 组名称及其 guid 并输出到变量.
我使用以下内联脚本创建了 Azure Powershell 任务.
(Get-AzADGroup -DisplayName "group-name").origin
看来您需要使用非交互式登录,请按照以下步骤操作.
1.
3.试试下面的脚本,使用你在步骤 1 中得到的值,它在我这边工作正常.
注意:当你使用Az时,你需要使用Task version和4.*(preview)> powershell 模块.
$azureAplicationId ="<您的广告应用程序 ID>"$azureTenantId="<您的租户 ID>"$azurePassword = ConvertTo-SecureString "<你的广告应用的秘密>"-AsPlainText -Force$psCred = 新对象 System.Management.Automation.PSCredential($azureAplicationId, $azurePassword)Connect-AzAccount -Credential $psCred -TenantId $azureTenantId -ServicePrincipal#我只是测试得到所有组,你可以做其他操作Get-AzADGroupIn the release pipeline, I am trying to connect to Azure AD by using Connect-Azaccount so I can run Get-AzADgroup to retrieve some Az AD group names and their guid and output to variables.
I created Azure Powershell task with the following inline script.
(Get-AzADGroup -DisplayName "group-name").origin
It seems you need to use a non-interactive login, follow the steps as below.
1.Create an Azure Active Directory application and create a secret for the app, save the secret and get values for signing in.
2.In your AD App -> API permissions -> Add a permission -> select Azure Active Directory Graph -> Application permissions -> Directory.Read.All -> click Add permissions -> click Grant admin consent for xxx, refer to the screenshot.
3.Try the script as below, use the values which you get in step 1, it works fine on my side.
Note: You need to use the Task version with 4.*(preview) when you use Az powershell module.
$azureAplicationId ="<your ad app application id>"
$azureTenantId= "<your tenant id>"
$azurePassword = ConvertTo-SecureString "<the secret of your ad app>" -AsPlainText -Force
$psCred = New-Object System.Management.Automation.PSCredential($azureAplicationId , $azurePassword)
Connect-AzAccount -Credential $psCred -TenantId $azureTenantId -ServicePrincipal
#I just test to get all groups, you could do other operations
Get-AzADGroup
这篇关于如何在 Azure DevOps 发布管道中连接 azaccount的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
